Report - palmitosicoaraci.com.br/T-online

Report Overview

Submitted URL
palmitosicoaraci.com.br/T-online
IP
172.106.0.110
ASN
#40676 AS40676
Submitted
2022-11-08 02:50:23
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
28

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.7 kB	4.0 kB	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	44.242.41.15
classify-client.services.mozilla.com	3824	2019-01-09T19:41:01Z	2023-03-10T10:44:49Z	369 B	344 B	34.98.75.36
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	449 B	746 B	142.250.74.10
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	1.3 kB	18 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	63 kB	34.120.237.76
palmitosicoaraci.com.br	unknown	2015-02-19T14:38:02Z	2023-03-01T14:41:29Z	14 kB	377 kB	172.106.0.110
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-10T05:11:37Z	378 B	31 kB	69.16.175.42
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-10T11:13:22Z	835 B	33 kB	151.101.85.229
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	3.4 kB	104 kB	34.102.187.140
diffuser-cdn.app-us1.com	8451	2019-06-13T05:58:17Z	2023-03-10T08:35:04Z	388 B	41 kB	104.17.145.91
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-10T05:15:22Z	828 B	91 kB	31.13.72.12
normandy.cdn.mozilla.net	3562	2017-01-30T06:02:05Z	2023-03-10T10:44:48Z	341 B	1.4 kB	54.230.111.106
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.77.32
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-10T08:04:05Z	423 B	11 kB	104.17.24.14
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.1 kB	4.2 kB	142.250.74.3
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-10T05:11:21Z	368 B	2.0 kB	151.101.86.133
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	982 B	54 kB	216.58.207.195
prism.app-us1.com	8479	2019-01-09T07:40:26Z	2023-03-10T16:03:09Z	438 B	463 B	104.17.145.91

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-08	medium	palmitosicoaraci.com.br/T-online	Phishing
2022-11-08	medium	palmitosicoaraci.com.br/T-online	Phishing
2022-11-08	medium	palmitosicoaraci.com.br/_cdn/workcontrol.js	Phishing
2022-11-08	medium	palmitosicoaraci.com.br/_cdn/jquery.js	Phishing
2022-11-08	medium	palmitosicoaraci.com.br/themes/pamar/scripts.js	Phishing
2022-11-08	medium	palmitosicoaraci.com.br/themes/pamar/lib/wow/wow.min.js	Phishing
2022-11-08	medium	palmitosicoaraci.com.br/themes/pamar/lib/easing/easing.min.js	Phishing
2022-11-08	medium	palmitosicoaraci.com.br/themes/pamar/lib/waypoints/waypoints.min.js	Phishing
2022-11-08	medium	palmitosicoaraci.com.br/themes/pamar/lib/counterup/counterup.min.js	Phishing
2022-11-08	medium	palmitosicoaraci.com.br/themes/pamar/js/main.js	Phishing
2022-11-08	medium	palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/owl.carousel.min.js	Phishing
2022-11-08	medium	palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment-timezone.min.js	Phishing
2022-11-08	medium	palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js	Phishing
2022-11-08	medium	palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	palmitosicoaraci.com.br/themes/pamar/lib/waypoints/waypoints.min.js	9.0 kB	2023-03-07	2024-04-19
Pretty URL palmitosicoaraci.com.br/themes/pamar/lib/waypoints/waypoints.min.js IP 172.106.0.110 ASN #40676 AS40676 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-19 20:39:52 Times Seen4742 Hash 7d05f92297dede9ecfe3706efb95677a 56bdb149d9baf64474a4c24ae66445769a28254e 368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c Loading...

	prism.app-us1.com/?a=799654661&u=https%3A%2F%2Fpalmitosicoaraci.com.br%2FT-online	0 B	2023-03-07	2024-04-19
Pretty URL prism.app-us1.com/?a=799654661&u=https%3A%2F%2Fpalmitosicoaraci.com.br%2FT-online IP 104.17.145.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 21:13:35 Times Seen36967443 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	connect.facebook.net/pt_BR/sdk.js#xfbml=1&version=v3.2&appId=0&autoLogAppEvents=1	3.1 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/pt_BR/sdk.js#xfbml=1&version=v3.2&appId=0&autoLogAppEvents=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:48:49 Last Seen2023-03-11 08:48:49 Times Seen1 Hash eafd1f43c636b303ca8413a9fe5e4d3e 95723fa7120950108e56db979061b85a2de51a6a d93f67cbbfecfcbbc9b1243360460068c3d46eac6efb82886ac5949e93aba9d1 Loading...

	palmitosicoaraci.com.br/themes/pamar/scripts.js	2.1 kB	2023-03-11	2023-05-23
Pretty URL palmitosicoaraci.com.br/themes/pamar/scripts.js IP 172.106.0.110 ASN #40676 AS40676 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:48:49 Last Seen2023-05-23 09:04:14 Times Seen36 Hash aadb714b1a76493a99e62ea3f134c5d4 50622bc22c532e6ccc1a709adc48ed1bfababb0b 995912c8032aae6d4e9059fc556213abce5b6d25f5f8bf79c70d963bcd9c106b Loading...

	palmitosicoaraci.com.br/T-online	564 B	2023-03-11	2023-05-23
Pretty URL palmitosicoaraci.com.br/T-online IP 172.106.0.110 ASN #40676 AS40676 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:48:49 Last Seen2023-05-23 09:04:13 Times Seen19 Hash 84fc5cae0153a16ac3654977dec4ad62 7e5ae993e429e850bd7221c0531332c1e4ae9c46 2985aec5e86d862360ccbc04e1864c1f0852de92579ed1be14b3cbe2cf8965aa Loading...

	palmitosicoaraci.com.br/themes/pamar/lib/counterup/counterup.min.js	2.4 kB	2023-03-07	2024-04-17
Pretty URL palmitosicoaraci.com.br/themes/pamar/lib/counterup/counterup.min.js IP 172.106.0.110 ASN #40676 AS40676 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-17 07:09:24 Times Seen1008 Hash d0ce5cfe7008eab4a73260954f06df68 4426c6745ebb31e834dcc1f9105e2e2e7402ffc1 cffc5847cc961e6d38ede0947f9e0e9650c92521660360468647d59944a75638 Loading...

	palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/owl.carousel.min.js	43 kB	2023-03-07	2024-04-19
Pretty URL palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/owl.carousel.min.js IP 172.106.0.110 ASN #40676 AS40676 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-19 10:16:10 Times Seen8097 Hash b7b9c97cd68ec336d01a79d5be48c58d 1a99890b57c9859a622337ed0b2f989d6e30cc0e b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43 Loading...

	palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment.min.js	327 kB	2023-03-07	2024-04-05
Pretty URL palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment.min.js IP 172.106.0.110 ASN #40676 AS40676 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:19:06 Last Seen2024-04-05 10:06:52 Times Seen826 Hash a79a8710a3517e497846aca9179f8d81 a84840cafc097fbcfaab6c49d5fcfaa598e0ec6d 56b9ad34701d1b38cdb1436d5981b9e71c44f710d3cf8805eb7c7fa6b297287d Loading...

	code.jquery.com/jquery-3.4.1.min.js	88 kB	2023-03-07	2024-04-19
Pretty URL code.jquery.com/jquery-3.4.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-19 20:57:43 Times Seen95065 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.0.0/dist/js/bootstrap.bundle.min.js	80 kB	2023-03-07	2024-04-14
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.0.0/dist/js/bootstrap.bundle.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-14 15:20:49 Times Seen1458 Hash 1fa88fa805d906cc3d966a4bf3a5ff43 d8961702df54aa970f1f30087c8d0b1f6967c784 325d19f9a1f62ad82f9f382a877f42bf447c8cbb293dd7cd2c03cf3bcf2f146a Loading...

	palmitosicoaraci.com.br/_cdn/jquery.js	96 kB	2023-03-11	2023-05-23
Pretty URL palmitosicoaraci.com.br/_cdn/jquery.js IP 172.106.0.110 ASN #40676 AS40676 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:48:49 Last Seen2023-05-23 09:04:14 Times Seen37 Hash cb3ba18ca1002a542796b5c2b607cf8b 653104ea8761e842d403fb57ba21abf8c3848bc2 c8bc65dc592dcb0ab9495c05f4271257541e458d5a26a7d62d49d572f60558e4 Loading...

	diffuser-cdn.app-us1.com/diffuser/diffuser.js	24 kB	2023-03-07	2023-04-05
Pretty URL diffuser-cdn.app-us1.com/diffuser/diffuser.js IP 104.17.145.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2023-04-05 02:07:52 Times Seen69 Hash 4d482a43613d3966f353ec9d97452e0c 4acc9cf492267ab6d351fb11246431bd7d6e6387 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648 Loading...

	palmitosicoaraci.com.br/themes/pamar/js/main.js	2.6 kB	2023-03-11	2023-05-23
Pretty URL palmitosicoaraci.com.br/themes/pamar/js/main.js IP 172.106.0.110 ASN #40676 AS40676 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:48:49 Last Seen2023-05-23 09:04:14 Times Seen36 Hash 1a245c94633d4b93a333d9c21929936f ad264bf77568c2bd9fcdfefc4fad6dc60b6077b3 ef32053eddc62b30b8ae06fbb31ff73f5c3828249f729acb29e9aad678643e68 Loading...

	palmitosicoaraci.com.br/_cdn/workcontrol.js	5.8 kB	2023-03-11	2023-05-23
Pretty URL palmitosicoaraci.com.br/_cdn/workcontrol.js IP 172.106.0.110 ASN #40676 AS40676 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:48:49 Last Seen2023-05-23 09:04:14 Times Seen36 Hash ad52b3b2c4f85352ed73923f6def2bf5 e865efc6f66307a39aa6fa9c3b5cdb63c2b598e0 94ca31f72386273942f04f59396eac4db9001b67d593e7917c0620679b523e8a Loading...

	palmitosicoaraci.com.br/themes/pamar/lib/wow/wow.min.js	8.2 kB	2023-03-07	2024-04-02
Pretty URL palmitosicoaraci.com.br/themes/pamar/lib/wow/wow.min.js IP 172.106.0.110 ASN #40676 AS40676 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-02 19:37:11 Times Seen411 Hash 3f3d63e2feea51da5ea907e80e74d75d ca546ef8e982c4b9d1ad43ad38fc702d0cb1d873 1041568a299093ef168fd78f8b54c27d1cf0cdfae8e870de0769ba1174c6bc05 Loading...

	palmitosicoaraci.com.br/themes/pamar/lib/easing/easing.min.js	2.3 kB	2023-03-07	2024-04-17
Pretty URL palmitosicoaraci.com.br/themes/pamar/lib/easing/easing.min.js IP 172.106.0.110 ASN #40676 AS40676 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-17 04:34:43 Times Seen1711 Hash adf739cca147aff5e39fd65e6e64f420 ce3bb19811c619220dd2329165eb8a8166094fec 0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d Loading...

	palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment-timezone.min.js	33 kB	2023-03-07	2024-04-02
Pretty URL palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment-timezone.min.js IP 172.106.0.110 ASN #40676 AS40676 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:17 Last Seen2024-04-02 14:24:57 Times Seen678 Hash 1a771c7f06717ed315ff7e6bad2d7058 0fc8a0049e382f0f0ad7dda5ba0b0178677e875e 26ffb9c1e8b8cc2a1f8bb33a0fe1db19c5db1413acb2136ff9a2094a87411a13 Loading...

	palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js	57 kB	2023-03-07	2024-04-02
Pretty URL palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js IP 172.106.0.110 ASN #40676 AS40676 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:17 Last Seen2024-04-02 14:24:57 Times Seen741 Hash ac4d4d755b70ee1a00f7fc78cc85bc05 e6ce53ab1858b532c037334b512e010f0f093943 cf4a0a620eb188bab7c891aca7f2ec63d5f291bc1e4251e5e368c7bf65d3073e Loading...

	palmitosicoaraci.com.br/T-online	447 B	2023-03-11	2023-05-23
Pretty URL palmitosicoaraci.com.br/T-online IP 172.106.0.110 ASN #40676 AS40676 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:48:49 Last Seen2023-05-23 09:04:13 Times Seen19 Hash b9fd2c8f6dc6526d83cb25d0a59af9df c9405603260acd04196f12deb3e011e8165abba1 decc502b45d6fa8bdd8c04c5bcf68821e0c3807ba8955b0f788f4207c3c884f5 Loading...

	connect.facebook.net/pt_BR/sdk.js?hash=c4945207e4537644df0bc8e852aabea4	308 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/pt_BR/sdk.js?hash=c4945207e4537644df0bc8e852aabea4 IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:48:49 Last Seen2023-03-11 09:03:10 Times Seen1 Hash ee1dade5a3d4a7568726e512a3e24299 4ca069ffc430116e145e70d8c751f577b7053c7d dd2426951ffece16f48702ec4a7f5d6dd3b2007a6292566a3fcde09b203c2bef Loading...

HTTP Transactions (77)

URL IP Response Size

palmitosicoaraci.com.br/T-online

172.106.0.110

301 Moved Permanently

707 B

URL HTTP/1.1
palmitosicoaraci.com.br/T-online
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /T-online HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 08 Nov 2022 02:50:09 GMT
server: LiteSpeed
location: https://palmitosicoaraci.com.br/T-online

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5021
Expires: Tue, 08 Nov 2022 04:13:51 GMT
Date: Tue, 08 Nov 2022 02:50:10 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9fd081ea88e8b8563986b3e558496d21
60700393dce5eb42c0db0d5feef340f4832e3c65
d92555957857423ed02f0d0435739bcd40a996591c73f40315564b372f6e2395

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5570
Cache-Control: max-age=119637
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:10 GMT
Etag: "6368de76-1d7"
Expires: Wed, 09 Nov 2022 12:04:07 GMT
Last-Modified: Mon, 07 Nov 2022 10:31:18 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9fd081ea88e8b8563986b3e558496d21
60700393dce5eb42c0db0d5feef340f4832e3c65
d92555957857423ed02f0d0435739bcd40a996591c73f40315564b372f6e2395

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2352
Cache-Control: max-age=116420
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:10 GMT
Etag: "6368de76-1d7"
Expires: Wed, 09 Nov 2022 11:10:30 GMT
Last-Modified: Mon, 07 Nov 2022 10:31:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d8c32b2fb818533a5b3fe5c69157bde9
93594fd3fc50d9d444c28660eabba1edbe4f0588
df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11237
Expires: Tue, 08 Nov 2022 05:57:28 GMT
Date: Tue, 08 Nov 2022 02:50:11 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: spc75RdG91gDNieLzQtw4qeOOIv5+o/Wu0JC4aoNuS6362pjPQWH6mNOHEI9xTc3VYmwuoEAspi13Rz0buUGWg==
x-amz-request-id: 23TQBBNTXEGEGEW6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 02:48:20 GMT
age: 111
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 02:50:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.0/css/all.min.css

104.17.24.14

200 OK

10 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.0/css/all.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (56331)
Size
10 kB (9974 bytes)
Hash
504d3db17059beb7c9278d8519c94752
291ad53bb1ac4932600bfb4488c56bc55e4db9b1
53ada737b0df4fdeeb9859542a1f458196dec7829cd87b3c9b9d7b0c58ba0310

HTTP Headers

GET /ajax/libs/font-awesome/5.10.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 08 Nov 2022 02:50:11 GMT
content-type: text/css; charset=utf-8
content-length: 9974
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-dcc5"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 13321766
expires: Sun, 29 Oct 2023 02:50:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0rYofSd28fKlI%2Bay1mmphpto1eQ6fTDej8w6y8CSF6VsQLR0yIHunPoZQPlbCabtkthbbBb8eQFgzCs8mGF%2B0EhgB14FL3%2FJ0R%2FvuBduwB6cNVsEaG7%2F%2FCQ6QoLNcgZTKtBWBou"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 766affefbf6a0b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e6f4643306be10417c47176a6e67306f
940a13818904add9e1cacd12610f37ba1efd7bc5
67e51095b5da59b3eeda8a28c81789e69064a0a19a93347c2fcb05fd4b21e6d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4021
Cache-Control: max-age=113016
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:11 GMT
Etag: "6368caa6-1d7"
Expires: Wed, 09 Nov 2022 10:13:47 GMT
Last-Modified: Mon, 07 Nov 2022 09:06:46 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

code.jquery.com/jquery-3.4.1.min.js

69.16.175.42

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.4.1.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65451)
Size
31 kB (30638 bytes)
Hash
9abb42735168ac9e960b770179b642aa
11475bf8c7244af7a820108b7762e7a3f95aa52c
df53c09a6546b3d23dc0b2d0d92c39808c5663a75f4bf1f8d035fd11b7c81243

HTTP Headers

GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 08 Nov 2022 02:50:11 GMT
content-encoding: gzip
content-length: 30638
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15851"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1667875811.dop017.sk1.t,1667875811.cds263.sk1.hn,1667875811.cds201.sk1.c
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.0.0/dist/js/bootstrap.bundle.min.js

151.101.85.229

200 OK

22 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.0.0/dist/js/bootstrap.bundle.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65299)
Size
22 kB (22435 bytes)
Hash
daa80660d5766073c0be83d6419a3411
1995a34ba3db0fcf5b8bae8b2a1cdd8cbee57e9a
6863336e8f0c91e087d618fb05d13f05894e005447f740b70b084a1426466a32

HTTP Headers

GET /npm/bootstrap@5.0.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.0
x-jsd-version-type: version
etag: W/"13731-2JYXAt9UqpcPHzAIfI0LH2lnx4Q"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 08 Nov 2022 02:50:11 GMT
age: 2424296
x-served-by: cache-fra19157-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22435
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/bootstrap-icons@1.4.1/font/bootstrap-icons.css

151.101.85.229

200 OK

8.8 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap-icons@1.4.1/font/bootstrap-icons.css
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text
Size
8.8 kB (8844 bytes)
Hash
5813a944575a76776931431ffde6693f
865909634bd204fb4b0c654543fabe87209bdf26
9e3f7c85a1d0099f7f50b05e7e6934129fe6d108d783d34bd599812c53be4eac

HTTP Headers

GET /npm/bootstrap-icons@1.4.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.4.1
x-jsd-version-type: version
etag: W/"f8b2-v7ZMVELJO4O8jF4rcNGwrm8YAaE"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 08 Nov 2022 02:50:11 GMT
age: 7252966
x-served-by: cache-fra19141-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8844
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/_cdn/bootcss/reset.css

172.106.0.110

200 OK

3.0 kB

URL HTTP/2
palmitosicoaraci.com.br/_cdn/bootcss/reset.css
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text, with very long lines (331)
Size
3.0 kB (2977 bytes)
Hash
f3f53c0d4582e0f26404c3d2a408a101
d389b2a45dd8a24e36a21c8aa74f61138e213751
66358a916a6a4d582580eed5de30019efcaa5a8530429907a23953cc66685102

HTTP Headers

GET /_cdn/bootcss/reset.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:10 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 19:20:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2977
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/T-online

172.106.0.110

200 OK

7.7 kB

URL HTTP/2
palmitosicoaraci.com.br/T-online
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (469), with CRLF, LF line terminators
Size
7.7 kB (7671 bytes)
Hash
f91ba0fda99d76aef33f0ded03a1df99
08f5c656f2c74a070b64d9a15970a9b120a1c826
52e957046a0776b656ae387bfc01f399891dfbf4f359a0d9f713dec62e2f891f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /T-online HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; path=/; secure
userView=palmitos; expires=Wed, 09-Nov-2022 02:50:10 GMT; Max-Age=86400; path=/; secure
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

151.101.86.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1462 bytes)
Hash
321ce3a2f4d42940ef412fd008f95409
a4aca987a6c7f79e88dfef8c1bcc2326cb899be9
5c4c561a0290f3b3fdf357cbe9e773fa6f9726b4c0becbe422bde5ede22b9de9

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "79A20FB2D7748C18998DE7B4A455D71CA298872B"
Expires: Tue, 08 Nov 2022 14:00:00 UTC
Last-Modified: Tue, 08 Nov 2022 02:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Tue, 08 Nov 2022 02:50:11 GMT
Via: 1.1 varnish
Age: 2148
X-Served-By: cache-bma1668-BMA
X-Cache: HIT
X-Cache-Hits: 7
X-Timer: S1667875812.909306,VS0,VE0

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

palmitosicoaraci.com.br/themes/pamar/lib/animate/animate.min.css

172.106.0.110

200 OK

2.5 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/lib/animate/animate.min.css
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text, with very long lines (16755)
Size
2.5 kB (2501 bytes)
Hash
8749712e65b163c12306df7f1e7d1261
29347292299cd3a5d207e05c711c66fa20333b96
6042228bdd632754cb22416d37bdc8e8dc62df670899b01b9bd406e442d16441

HTTP Headers

GET /themes/pamar/lib/animate/animate.min.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:10 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2501
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/assets/owl.carousel.min.css

172.106.0.110

200 OK

789 B

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/assets/owl.carousel.min.css
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text, with very long lines (2846)
Size
789 B (789 bytes)
Hash
f28411148e2c4159c779ed6cb9060a03
3e28a7725e7dec0a774b30f749ccc2f4664cc03b
5e569c50803725ebc0c486d05135852e56a7b8b320c9cf6cfe3b201965de0004

HTTP Headers

GET /themes/pamar/lib/owlcarousel/assets/owl.carousel.min.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:10 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 789
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/css/tempusdominus-bootstrap-4.min.css

172.106.0.110

200 OK

1.4 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/css/tempusdominus-bootstrap-4.min.css
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text, with very long lines (836)
Size
1.4 kB (1447 bytes)
Hash
29842a8c7914e5bcb26c39f8be405856
0ff1fe917ecc77f945f6b59b7a7e15b624b36c7b
a80610ce8e9bcb5f8ed5c86a13a5aa384f33943a56358fa4834bf79c1cb10f32

HTTP Headers

GET /themes/pamar/lib/tempusdominus/css/tempusdominus-bootstrap-4.min.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:10 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1447
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/css/style.css

172.106.0.110

200 OK

1.6 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/css/style.css
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text
Size
1.6 kB (1580 bytes)
Hash
78ba9e845c33461ec91b5f0a33ebf32f
63450b4b3c5660a41ca2bf019b92e7017ab2e265
fe16038bb148d4211839fd72d70e96ed9a6148655124b95c51e1270041fd2e35

HTTP Headers

GET /themes/pamar/css/style.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:10 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 19:04:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1580
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/css/whatsapp.css

172.106.0.110

200 OK

1.1 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/css/whatsapp.css
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text
Size
1.1 kB (1133 bytes)
Hash
985b832ebc38c5e0a3bce4a48ff6695c
ad77e54ba86daa46558e7d3401b48df2d4a0c7b1
51377f27bc6f5c479622cc0dece586601ae7e27a9c4ba340831e9fac24b4c3bf

HTTP Headers

GET /themes/pamar/css/whatsapp.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:11 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 14:48:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1133
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/_cdn/workcontrol.js

172.106.0.110

200 OK

1.6 kB

URL HTTP/2
palmitosicoaraci.com.br/_cdn/workcontrol.js
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text
Size
1.6 kB (1641 bytes)
Hash
e30f7e4b419c12a9e1e75ae21ee90ca0
0a3ad129938333b08a896f144e57cf5629cd6f74
cf522c88c50a3d8bdce0fc755277998ebc5e40b8be4d6dfd78a4daa720e206d4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_cdn/workcontrol.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:11 GMT
content-type: application/javascript
last-modified: Tue, 04 May 2021 22:30:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1641
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.242.41.15

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.242.41.15:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xkePFbc6M2xE/jvZfTo7fg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3RhFDXn8VKh7IEz8jFGgBRd1mik=

palmitosicoaraci.com.br/themes/pamar/css/bootstrap.min.css

172.106.0.110

200 OK

21 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/css/bootstrap.min.css
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text, with very long lines (65326)
Size
21 kB (20716 bytes)
Hash
28440b0d7108ab149ba0758f9d8ee9fa
8a425e3cddf0a03336c8d9d9b4beba400f4e441f
c3d353bcb294f127bc81e8ccafe3d9277bc42ca6ae6f5178aeae6b2d3c723c55

HTTP Headers

GET /themes/pamar/css/bootstrap.min.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:10 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20716
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/_cdn/jquery.js

172.106.0.110

200 OK

32 kB

URL HTTP/2
palmitosicoaraci.com.br/_cdn/jquery.js
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text, with very long lines (32046)
Size
32 kB (32371 bytes)
Hash
2f700400f1a3e5f1e01c4ec019de6c13
e278d2d4c8a748218a70c8d00658bead97ffa6bf
d54f279c3c1537c9cd32c63ea5f67a116ae28f06b36b15598a2e78a071db4667

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_cdn/jquery.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:11 GMT
content-type: application/javascript
last-modified: Sun, 08 Oct 2017 04:53:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32371
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221667874118155%22

34.102.187.140

200 OK

22 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221667874118155%22
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Size
22 kB (21675 bytes)
Hash
e2bcf942c8cf08ba66e616d26c8413bb
f8f64f195762b5ea2681d30f98d07001e4aa6baa
805440f993b9060f5394a4a827054e7824e42bff285ec9344774345381bb1656

HTTP Headers

GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221667874118155%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Tue, 08 Nov 2022 02:27:23 GMT
cache-control: public,max-age=3600
last-modified: Tue, 08 Nov 2022 02:21:58 GMT
content-type: application/json
age: 1369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1667846237618&_since=%221666204638208%22

34.102.187.140

200 OK

5.3 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1667846237618&_since=%221666204638208%22
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (5283), with no line terminators
Size
5.3 kB (5283 bytes)
Hash
b1527b2dfad8b6b174df5f7cb784e744
7aaebfda17cab462811ba4cc57607e0cac3b5b24
6c65bb89154b3940f2d844f9e26361ea35ae2d1b2965a6c73bdf7a34c386fbb4

HTTP Headers

GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1667846237618&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5283
via: 1.1 google
date: Tue, 08 Nov 2022 02:50:06 GMT
cache-control: public,max-age=3600
age: 6
last-modified: Mon, 07 Nov 2022 18:37:17 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-09-20-34-00.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-09-20-34-00.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
c22da7ef9d9661440ea75c23cb583813
45e567955ce3901a1f2d723fdab3c607f7419dd9
2499384fa96f3b1644f5ff8ec2f7a058f5e9b516684e89eb3ff1a1a3060ff053

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-09-20-34-00.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: hl5ewqx/NDQFMqZSU4vN6pVRG3kcuQZ5B6eMUp5gu4c5QoQl3XxWIY0C9Z/XVPyu+Jdtam2tLfU=
x-amz-request-id: MFCH10JDER8ETSDY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 02:50:10 GMT
age: 2
last-modified: Thu, 20 Oct 2022 20:34:01 GMT
etag: "c22da7ef9d9661440ea75c23cb583813"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1667865664021&_since=%221666483264567%22

34.102.187.140

200 OK

57 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1667865664021&_since=%221666483264567%22
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (56883), with no line terminators
Size
57 kB (56883 bytes)
Hash
45f1195567ab685619bd98876f4b228c
86f5ed7c26ccf0a591f04e8588a14d8c9a335c8b
387d86cab7b854a9a1c7817f8d93018cc1c5446bb42c1747509dd797e1bde2cf

HTTP Headers

GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1667865664021&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 56883
via: 1.1 google
date: Tue, 08 Nov 2022 02:17:59 GMT
cache-control: public,max-age=3600
age: 1933
last-modified: Tue, 08 Nov 2022 00:01:04 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1667859140556&_since=%221666279968541%22

34.102.187.140

200 OK

11 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1667859140556&_since=%221666279968541%22
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (11075), with no line terminators
Size
11 kB (11075 bytes)
Hash
9e977ae8cb41d856a83b217c26cd49ed
d0d749465048da0d9dd2f413c07c420751cc7d01
7f727ba9a0c387a76e301415a231af9b4873e9621d30fb19172ba0e804d5e334

HTTP Headers

GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1667859140556&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 11075
via: 1.1 google
date: Tue, 08 Nov 2022 02:21:45 GMT
cache-control: public,max-age=3600
age: 1707
last-modified: Mon, 07 Nov 2022 22:12:20 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1667225520937&_since=%221657747510534%22

34.102.187.140

200 OK

1.3 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1667225520937&_since=%221657747510534%22
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1300), with no line terminators
Size
1.3 kB (1300 bytes)
Hash
c7e9f96e1a2142cb3ec17a1db32add0d
866196b5baab2194581407bdd1297f1934941675
81eb7fe101ad6a8966865dec8d3e0f73b7b81a8b519cb8cfc8abc1846e4c82b9

HTTP Headers

GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1667225520937&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1300
via: 1.1 google
date: Tue, 08 Nov 2022 02:28:31 GMT
cache-control: public,max-age=3600
age: 1301
last-modified: Mon, 31 Oct 2022 14:12:00 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22

34.102.187.140

200 OK

1.5 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1504), with no line terminators
Size
1.5 kB (1504 bytes)
Hash
f8887f4ce8d60a19bc767a27c5aa7a20
4313dbbfa5738ece2219fe88d04c2c7dfae10bfa
8530d746dc49555caa17334b90bf713d67a60f428817c0065792446051632f18

HTTP Headers

GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1504
via: 1.1 google
date: Tue, 08 Nov 2022 01:57:06 GMT
cache-control: public,max-age=3600
age: 3186
last-modified: Thu, 27 Oct 2022 18:14:21 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22

34.102.187.140

200 OK

1.7 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Size
1.7 kB (1719 bytes)
Hash
1971557ee32481ccb55dd637b351b263
be18a39de55151bb40ab40c95de41468fa47b8a2
cfffc68c1707cfbf7e93112696e899f31e4473c82130180e5767b4889e6c62ee

HTTP Headers

GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Tue, 08 Nov 2022 01:58:03 GMT
cache-control: public,max-age=3600
age: 3129
last-modified: Mon, 31 Oct 2022 17:42:02 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12627
Expires: Tue, 08 Nov 2022 06:20:40 GMT
Date: Tue, 08 Nov 2022 02:50:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12627
Expires: Tue, 08 Nov 2022 06:20:40 GMT
Date: Tue, 08 Nov 2022 02:50:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12627
Expires: Tue, 08 Nov 2022 06:20:40 GMT
Date: Tue, 08 Nov 2022 02:50:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12627
Expires: Tue, 08 Nov 2022 06:20:40 GMT
Date: Tue, 08 Nov 2022 02:50:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9336 bytes)
Hash
71473fb15e07b9c973e7368bdd2c2eb7
e5e369ed7b77ff7639bffc16da2f2ca6c035421c
a7e72e22f9d0204e2be1f21fe1c66c8469c5b14ef3b4c64f3cf2335ba5365618

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9336
x-amzn-requestid: fb33f029-9d6c-40df-aab2-bdb139d8dedb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKOGdEIAMFujA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a41-53c235ce324b4e896b401a40;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zP8bp-rTtlDnlSAnPdZNJL19gSEfS9HmA9WUgNx4jku9i1zoahW-og==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:01 GMT
age: 18612
etag: "e5e369ed7b77ff7639bffc16da2f2ca6c035421c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8741ea01-6829-4b7c-a14e-c14c2134d6ca.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6566 bytes)
Hash
17911ced5822253969e1e3c1743b3ab0
9ca921755116b9bc783e340cb523f376942896af
625e7648f13ce472f4d871ba9eff6d958a8cd0a548cdec183ec3d01cc6ab41a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8741ea01-6829-4b7c-a14e-c14c2134d6ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6566
x-amzn-requestid: d4d93654-95f8-4159-ac6a-2f533e9fe980
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKMHraoAMFwKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a41-1b13db672438492e1e63e84d;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YsXkiNYC2MNrAC6FtnFHzfts9nii8uW-sS2w_t0-rr6HJoxjyGFptQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:01 GMT
age: 18612
etag: "9ca921755116b9bc783e340cb523f376942896af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10781 bytes)
Hash
4ff4c1be0934222258267f7595f2ecde
5d51855ed7cc6f8cac53eef1730212eb70b28036
49ce70117f2b108ebcff7f8e0ac14b2583eaf6b36a10baff097b35b728ba44d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10781
x-amzn-requestid: c5063271-8b84-41d7-899c-958c135541c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAwTF2cIAMF0DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b34-6b6018d826efae3e3738a7d9;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yfT-BN4Codmr6J5v6xIIIpOG5EaHI1xnOqineRxdeQ3VJ_MmujMZew==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:38 GMT
age: 18455
etag: "5d51855ed7cc6f8cac53eef1730212eb70b28036"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 06:28:00 GMT
age: 73333
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76499332-7cb2-480e-80ac-e32e75ab50fa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8398 bytes)
Hash
298feae06e52240607d511f44a5c8b59
8c898d7e603b6e710cf3238edf54cb8d2b2cd4cd
f92ee3491c6772a1e8a0a577653f6134999f5b82aa8ea539fb007c04e36ec872

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76499332-7cb2-480e-80ac-e32e75ab50fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8398
x-amzn-requestid: 2d03c942-072b-4a67-a800-dc65787289cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA4oEZLIAMFQ3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b6a-219868c264434b060d18dc3a;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zeyBTIPlQUVzOYobFL_fLUzqFXakHgzB4Ewr5KxLUW8806UQ_VgFzw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:48:13 GMT
age: 18120
etag: "8c898d7e603b6e710cf3238edf54cb8d2b2cd4cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f590111-905a-44a3-861d-b8905ff72231.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10719 bytes)
Hash
b8c1ed79376a3bf9dfc9713189c36039
26ef76be8b675a4eeaf5ee428ee56d1a1181c6af
45f6891db04614dd3309e7951b90fafdac07e57e1932ebda66c852d6f9b65e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f590111-905a-44a3-861d-b8905ff72231.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10719
x-amzn-requestid: 04634220-90c5-403b-a531-c0a984379b33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKNGK0IAMFxrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a41-543f03665ed83c4e63c47c7b;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LTQmBemUPmWSCxl0h3fQagTJ4MWll9KF_j-hWP9M4WvVikdImmwj-Q==
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:01 GMT
age: 18612
etag: "26ef76be8b675a4eeaf5ee428ee56d1a1181c6af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/scripts.js

172.106.0.110

200 OK

521 B

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/scripts.js
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text, with CRLF line terminators
Size
521 B (521 bytes)
Hash
68c689bae07c6c47593e382c35c12649
46b2254833bbd6d3e01c0ec7668648e107ba8420
586f229a461336e5a4281ef8e1abb082fa977ea90ce9d72aa3942d47dbd01c51

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/pamar/scripts.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:11 GMT
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 14:54:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 521
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/lib/wow/wow.min.js

172.106.0.110

200 OK

2.6 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/lib/wow/wow.min.js
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text, with very long lines (8099)
Size
2.6 kB (2635 bytes)
Hash
84bcd002724af2dd2e7cc6247fb84d17
d97b0313077c8a7d904c15342e314804915c099d
2206a94b5dd8138c89e5a30bad50115903e45978323bef0367eca08ac6843559

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/pamar/lib/wow/wow.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2635
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/lib/easing/easing.min.js

172.106.0.110

200 OK

733 B

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/lib/easing/easing.min.js
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text, with very long lines (2301)
Size
733 B (733 bytes)
Hash
ebc58a9cdf34a3fb595a609418b88be2
2c6972dc988c4541bd9c61519eaf7ae3f2da39b5
4065193c46b4f3b77d971b12330d77f1b48b5c29755bd814d8ad4cfb36f98356

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/pamar/lib/easing/easing.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 733
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/lib/waypoints/waypoints.min.js

172.106.0.110

200 OK

2.6 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/lib/waypoints/waypoints.min.js
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
Unicode text, UTF-8 text, with very long lines (8863)
Size
2.6 kB (2592 bytes)
Hash
9ac7d06d536f08f1b22abc2e4d53f85a
2f7809be662e8b60690e9c93bc57e46ae06e906c
ac26b8d1e1df8be26af42c290e9ecc4bd0afc655f88e6bec2f73e87bf6ca6474

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/pamar/lib/waypoints/waypoints.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2592
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/lib/counterup/counterup.min.js

172.106.0.110

200 OK

908 B

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/lib/counterup/counterup.min.js
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text, with very long lines (2182)
Size
908 B (908 bytes)
Hash
de4f314590475ff8b1ec91731b60b304
8d76335b9e0fafb98c18388d2e4e700d87b14550
cd9a483551940c95018c6910936cb4a62150ebf2527a4cc1afd24cbf91bdaa55

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/pamar/lib/counterup/counterup.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 908
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/js/main.js

172.106.0.110

200 OK

779 B

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/js/main.js
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text
Size
779 B (779 bytes)
Hash
1f0033d5ff76c016dd85024a852c767f
2b71cb32c4c38675b3b8aa5973ffc3f111ddf4f3
8781b7452972dc5e78df6d316d823f05e678f991108021d1988febeb0d065653

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/pamar/js/main.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 779
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

diffuser-cdn.app-us1.com/diffuser/diffuser.js

104.17.145.91

200 OK

40 kB

URL HTTP/2
diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP
104.17.145.91:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
40 kB (40228 bytes)
Hash
77862e8922e5242016a30be04d0424a1
130c34036a4baeeef7dac55256b2d32161bc2af6
2b2b1cfd7db544f60c94469e90cf02fcb9251bd349bcbd5754ed2a29286f8200

HTTP Headers

GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 08 Nov 2022 02:50:13 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 247
server: cloudflare
cf-ray: 766afffb8954b523-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

216.58.207.195

200 OK

30 kB

URL HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data
Size
30 kB (30480 bytes)
Hash
0e7e5f9d3a8ef121149827180b790b5c
0e9f9333078e5df9245630ff6f68ba1d9da3c403
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://palmitosicoaraci.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:29:11 GMT
expires: Thu, 02 Nov 2023 19:29:11 GMT
cache-control: public, max-age=31536000
age: 458462
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

216.58.207.195

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21724, version 1.0\012- data
Size
22 kB (21724 bytes)
Hash
c3609c36a150ce088ea4dcab92b7c00b
0c18236a183e962533a4f61bff3ae2581313561a
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

HTTP Headers

GET /s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://palmitosicoaraci.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 22:37:11 GMT
expires: Wed, 01 Nov 2023 22:37:11 GMT
cache-control: public, max-age=31536000
age: 533582
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

palmitosicoaraci.com.br/themes/pamar/images/logo/logo.png

172.106.0.110

200 OK

52 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/images/logo/logo.png
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
PNG image data, 681 x 235, 8-bit/color RGBA, non-interlaced\012- data
Size
52 kB (52535 bytes)
Hash
0ff38b50be9c4081036a08240f084e10
b113bf3caef2b4e0aa8144e6bcfc0dba5da80151
d4dcef6d5f9143e1ede075805a239b57746dcd550744045fe61e23da4fb3c8d2

HTTP Headers

GET /themes/pamar/images/logo/logo.png HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: image/png
last-modified: Wed, 24 Aug 2022 16:50:54 GMT
accept-ranges: bytes
content-length: 52535
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/images/logo/webmail.png

172.106.0.110

200 OK

17 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/images/logo/webmail.png
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
PNG image data, 325 x 326, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (17109 bytes)
Hash
f9bceccef2e7602604af4b53565be874
03a7f99db2f0ba4f4eebaaf7daa38ac5621b3a0f
b4dce868297035a5af660a2ce794dcc52e30ef32d9c8f8b4c4e9187cc3a44f3d

HTTP Headers

GET /themes/pamar/images/logo/webmail.png HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: image/png
last-modified: Wed, 24 Aug 2022 14:27:42 GMT
accept-ranges: bytes
content-length: 17109
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/owl.carousel.min.js

172.106.0.110

200 OK

11 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/owl.carousel.min.js
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text, with very long lines (32000)
Size
11 kB (10649 bytes)
Hash
1b649a193df8c648d381cdda8dd268b4
f01dcdb5e3ede69da1d3e8556dcd993f0105b61d
dd2f2af9b8d391f704ec91ab6ef3e32ff56afacc88ba92b8a8834ca562de8bcb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/pamar/lib/owlcarousel/owl.carousel.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10649
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment-timezone.min.js

172.106.0.110

200 OK

9.1 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment-timezone.min.js
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text, with very long lines (32832), with no line terminators
Size
9.1 kB (9061 bytes)
Hash
e78d6807d18576999c3f473824a1537b
c47130cc69b3c51ca0c2334257a3644fb70d78ee
3465ac1cc58e51a4fee9856859cc741f320ddac3f7227725c76f4f3e9c3fd5cb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/pamar/lib/tempusdominus/js/moment-timezone.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9061
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js

172.106.0.110

200 OK

12 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text, with very long lines (32032)
Size
12 kB (11542 bytes)
Hash
f5a4db83231fb90dd2430138551be975
839474798fd1ea078dcf0d9810411285b460ac99
b6d7cd25bd81e578b99ec4d6777a08040aeb5d7f2da90bcc654b70d73214f143

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/pamar/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11542
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment.min.js

172.106.0.110

200 OK

64 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment.min.js
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
ASCII text, with very long lines (65536), with no line terminators
Size
64 kB (63743 bytes)
Hash
7aab21750c3674e928da71c89b8cabb8
92f2139c3717d4cfd19a8186187d5829174ab58c
71384b81fe6bf962fedb07e3fd60d8538996c34b455a7e918a766739da8de73d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/pamar/lib/tempusdominus/js/moment.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 63743
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/img/carousel-bg-1.jpg

172.106.0.110

200 OK

114 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/img/carousel-bg-1.jpg
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1800x560, components 3\012- data
Size
114 kB (113750 bytes)
Hash
27febaa8ddda88aea4a7ea24b1de7ebb
31de76567f5ad644a21dce243243b0026c852a9c
5016c60014f6e573f58dfd25b9ff3d6293067a328e198bbecae21e05c3687f8f

HTTP Headers

GET /themes/pamar/img/carousel-bg-1.jpg HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/themes/pamar/css/style.css
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 18:23:34 GMT
accept-ranges: bytes
content-length: 113750
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d9e23a9bac6355d898d29c56c76a7b00
7cb358d9beb843c88c86b5c642a06ea5f5130229
e65a19ba171586388a4c1260cd602e4938f4a0de1fbe4cb622976d11a0615954

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5201
Cache-Control: max-age=104504
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:14 GMT
Etag: "6368a4cd-1d7"
Expires: Wed, 09 Nov 2022 07:51:58 GMT
Last-Modified: Mon, 07 Nov 2022 06:25:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

prism.app-us1.com/?a=799654661&u=https%3A%2F%2Fpalmitosicoaraci.com.br%2FT-online

104.17.145.91

200 OK

0 B

URL HTTP/2
prism.app-us1.com/?a=799654661&u=https%3A%2F%2Fpalmitosicoaraci.com.br%2FT-online
IP
104.17.145.91:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?a=799654661&u=https%3A%2F%2Fpalmitosicoaraci.com.br%2FT-online HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Nov 2022 02:50:14 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, private
set-cookie: prism_799654661=536940d0-6366-447f-913b-eef2cbdd30b3; expires=Thu, 08-Dec-2022 02:50:14 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 45
x-powered-by: PHP/7.4.32
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 766afffd09dcb523-OSL
X-Firefox-Spdy: h2

connect.facebook.net/pt_BR/sdk.js

31.13.72.12

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/pt_BR/sdk.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1961)
Size
1.7 kB (1686 bytes)
Hash
fc357f45f44241de4cd271c00f9f6343
54cd5110ed97c862d39e7599a2a22183afe9a334
46d50669e068615b6fc4cd26f72f098aba4136ca4f5a7a41796d29a4000217d9

HTTP Headers

GET /pt_BR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: eafd1f43c636b303ca8413a9fe5e4d3e
etag: "6e9fc0bdd2aa14602cd9a87796c0a430"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Nov 2022 03:05:18 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: /DV/RfRCQd5M0nHAD59jQw==
x-fb-debug: E5GggBOBuCDwyutkh1pDFYo05hEzVPLjbfywYd82V9jt9Iswt1UrhUVh2oN7ueU0usAcmdOgrxARCTWyO8tKqQ==
content-length: 1686
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 02:50:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d9e23a9bac6355d898d29c56c76a7b00
7cb358d9beb843c88c86b5c642a06ea5f5130229
e65a19ba171586388a4c1260cd602e4938f4a0de1fbe4cb622976d11a0615954

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4581
Cache-Control: max-age=103884
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:14 GMT
Etag: "6368a4cd-1d7"
Expires: Wed, 09 Nov 2022 07:41:38 GMT
Last-Modified: Mon, 07 Nov 2022 06:25:17 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/pt_BR/sdk.js?hash=c4945207e4537644df0bc8e852aabea4

31.13.72.12

200 OK

87 kB

URL HTTP/2
connect.facebook.net/pt_BR/sdk.js?hash=c4945207e4537644df0bc8e852aabea4
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (13192)
Size
87 kB (86934 bytes)
Hash
7c467ae9733be2f327f93f1a07471f6e
988de8f8abc20d634cae44d6b0383854d08ce4a0
f68d22764b061afcc5020be4ee77c90f36eef48d3d49acfc63f756af35210de3

HTTP Headers

GET /pt_BR/sdk.js?hash=c4945207e4537644df0bc8e852aabea4 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://palmitosicoaraci.com.br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ee1dade5a3d4a7568726e512a3e24299
etag: "4c0abe8ad6dc93479035a477aa4c59e5"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 08 Nov 2023 02:45:18 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: fEZ66XM74vMn+T8aB0cfbg==
x-fb-debug: vT79/qo3IfEgkq7DBy7oRnq8UnIuLCFNwsgCzkp9/fCTU7buAuuWeIKUuYGWpyxeFgoxUSg/fGeqjXmfo/ZigQ==
content-length: 86934
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 02:50:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/images/favicons/android-icon-192x192.png

172.106.0.110

200 OK

4.0 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/images/favicons/android-icon-192x192.png
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (469), with CRLF, LF line terminators
Size
4.0 kB (4042 bytes)
Hash
10d81bc589594f8e11f22cc80fc9ab93
2381aabeb7826f9c6b16a1f9dd9f9aeda075f8bb
ea359f93a19d5faf1bee962fbbfa5a6a62115d73c56ba8e844e21990d81e2481

HTTP Headers

GET /themes/pamar/images/favicons/android-icon-192x192.png HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 4042
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 02:50:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/images/favicons/favicon-16x16.png

172.106.0.110

200 OK

4.0 kB

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/images/favicons/favicon-16x16.png
IP
172.106.0.110:0
ASN
#40676 AS40676

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (469), with CRLF, LF line terminators
Size
4.0 kB (4035 bytes)
Hash
c5aea73a955801bd957d50c4b30cdf5e
ffa2eece9daa3e43628138379acae63afba00ffd
f14c9032815ce84cb88881bf0f6ea499235f22befe5838f299db66884799044e

HTTP Headers

GET /themes/pamar/images/favicons/favicon-16x16.png HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 4035
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 02:50:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

normandy.cdn.mozilla.net/api/v1/

54.230.111.106

200 OK

598 B

URL HTTP/1.1
normandy.cdn.mozilla.net/api/v1/
IP
54.230.111.106:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (598), with no line terminators
Size
598 B (598 bytes)
Hash
3076f9a5cb273105528b893ff7111e41
b8990c145fe71b9a2410eea41a60a712b43b82bf
69c578fb0c03a28141a975833f660f4571e7991dc28ae7f9cead37672ee2c9b3

HTTP Headers

GET /api/v1/ HTTP/1.1
Host: normandy.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 598
Connection: keep-alive
Server: nginx
Date: Tue, 08 Nov 2022 02:50:00 GMT
Cache-Control: public, max-age=30
Allow: GET, HEAD, OPTIONS
Content-Security-Policy: object-src 'none'; form-action 'self'; block-all-mixed-content; base-uri 'none'; worker-src 'none'; default-src 'self' https://normandy.cdn.mozilla.net/; frame-src 'none'; report-uri /__cspreport__
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Via: 1.1 google, 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
Vary: Accept,Origin
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4NSJeWzniru5X6RiQCeWGupKZtDlBVn8r9gc990AHBxx0plS7gXV5Q==
Age: 16

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
df086deaf35652d1b62b909928461b41
9ffd21b8593095e3b5d3fa5569a52baf48f086b1
2aa340651330809c9127a0e718ca2ebf3a68e259281667cb7b4adbe0b7562654

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2AA340651330809C9127A0E718CA2EBF3A68E259281667CB7B4ADBE0B7562654"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12821
Expires: Tue, 08 Nov 2022 06:23:57 GMT
Date: Tue, 08 Nov 2022 02:50:16 GMT
Connection: keep-alive

classify-client.services.mozilla.com/api/v1/classify_client/

34.98.75.36

200 OK

64 B

URL HTTP/2
classify-client.services.mozilla.com/api/v1/classify_client/
IP
34.98.75.36:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
64 B (64 bytes)
Hash
441dc6d739b18f7e2838ea0d6725e184
f33cf0b917cf6b4ef22a8ad9df546cc711964e16
3ffaf47cb53e86ffd233a988d1b5dca10c93b6015c614a727cdddddaa3ce738c

HTTP Headers

GET /api/v1/classify_client/ HTTP/1.1
Host: classify-client.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 02:50:17 GMT
content-type: application/json
content-length: 64
cache-control: max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/normandy.content-signature.mozilla.org-2022-12-09-20-33-59.chain?cachebust=2017-06-13-21-06

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/normandy.content-signature.mozilla.org-2022-12-09-20-33-59.chain?cachebust=2017-06-13-21-06
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5327 bytes)
Hash
9fb00ac120ffbc3b42a59dc2985bbc7e
ab48f0eb2dc9f9bc58eb42c02016dc5b72b06323
56c65fc9bf0ff19c3abad88491469241ca4a9a03d01f0aa9b9856a65693fdfab

HTTP Headers

GET /chains/normandy.content-signature.mozilla.org-2022-12-09-20-33-59.chain?cachebust=2017-06-13-21-06 HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Y/tPUs+5dvYbYV7L2N006MqPLIiKl9LYi8HPZEpBWgwpx07FcLsbIyxa+hQdzgBlFV50uVgXpN8=
x-amz-request-id: 400ZA9VQNMM7ZARH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5327
via: 1.1 google
date: Tue, 08 Nov 2022 02:17:36 GMT
age: 1961
last-modified: Thu, 20 Oct 2022 20:34:00 GMT
etag: "9fb00ac120ffbc3b42a59dc2985bbc7e"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

palmitosicoaraci.com.br/themes/pamar/assets/images/pag-top-bg.jpg

172.106.0.110

200 OK

0 B

URL HTTP/2
palmitosicoaraci.com.br/themes/pamar/assets/images/pag-top-bg.jpg
IP
172.106.0.110:0
ASN
#40676 AS40676

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/pamar/assets/images/pag-top-bg.jpg HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 02:50:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Barlow:wght@600;700&family=Ubuntu:wght@400;500&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Barlow:wght@600;700&family=Ubuntu:wght@400;500&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Barlow:wght@600;700&family=Ubuntu:wght@400;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Nov 2022 02:50:11 GMT
date: Tue, 08 Nov 2022 02:50:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations